rewrite to total kaniko build.

2025-10-14 20:31:44 +04:00 · 2025-10-14 20:31:44 +04:00 · 5f711f4229
commit 5f711f4229
parent d43885fb63
1 changed files with 112 additions and 130 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -1,7 +1,7 @@
 ---
 kind: pipeline
 type: kubernetes
-name: Nocr
+name: Nocr (Kaniko)

 metadata:
  namespace: musk-drone
@ -16,73 +16,25 @@ clone:

 steps:

-  - name: debug
-    image: alpine
-    commands:
-      - printenv
-
  - name: clone
    image: alpine/git
-    settings:
-      tags: true
    commands:
-      - pwd
      - git clone https://gitea.musk.fun/nocr/flea
      - cd flea
      - git submodule update --init --recursive

-  - name: debug-network
-    image: alpine
-    commands:
-      - apk add --no-cache bind-tools curl ca-certificates
-      - echo "=== System Info ==="
-      - cat /etc/os-release
-      - echo ""
-      - echo "=== DNS Configuration ==="
-      - cat /etc/resolv.conf
-      - echo ""
-      - echo "=== DNS Resolution Test ==="
-      - nslookup api.nuget.org || echo "DNS lookup failed"
-      - nslookup gitea.musk.fun || echo "DNS lookup failed for gitea"
-      - echo ""
-      - echo "=== Ping Test (NuGet) ==="
-      - ping -c 3 api.nuget.org || echo "Ping failed"
-      - echo ""
-      - echo "=== HTTPS Connection Test (NuGet) ==="
-      - curl -v --connect-timeout 10 --max-time 30 https://api.nuget.org/v3/index.json 2>&1 | head -50
-      - echo ""
-      - echo "=== HTTPS Connection Test (Gitea) ==="
-      - curl -v --connect-timeout 10 --max-time 30 https://gitea.musk.fun 2>&1 | head -30
-      - echo ""
-      - echo "=== CA Certificates Check ==="
-      - ls -lah /etc/ssl/certs/ | head -20
-    depends_on:
-    - clone
-
-  - name: debug-dotnet-restore
+  - name: prepare-dotnet
    image: mcr.microsoft.com/dotnet/sdk:8.0
    commands:
      - echo "=== .NET SDK Info ==="
      - dotnet --info
-      - echo ""
-      - echo "=== CA Certificates Update ==="
-      - apt-get update && apt-get install -y --no-install-recommends ca-certificates
-      - update-ca-certificates
-      - echo ""
-      - echo "=== Test NuGet Connection ==="
-      - dotnet nuget list source
-      - echo ""
-      - echo "=== Test Restore with Simple Project ==="
-      - mkdir -p /tmp/test && cd /tmp/test
-      - dotnet new console
-      - echo "Adding package reference..."
-      - dotnet add package Newtonsoft.Json --version 13.0.3
-      - echo "Testing restore..."
-      - dotnet restore --verbosity detailed 2>&1 | tail -100
-    depends_on:
-    - debug-network
+      - echo "=== Restore all projects to warm up cache ==="
+      - cd flea
+      - find . -name '*.sln' -exec dotnet restore {} \;

-  - name: docker nocr telegram listener build & push
+  # 🐋 Kaniko steps with caching enabled
+
+  - name: build & push telegram-listener
    image: gcr.io/kaniko-project/executor:debug
    environment:
      HUB_USERNAME:
@ -90,102 +42,132 @@ steps:
      HUB_PASSWORD:
        from_secret: hub_password
    commands:
-      - echo "=== Kaniko version ==="
-      - /kaniko/executor version
-      - echo ""
-      - echo "=== Setting up authentication ==="
      - mkdir -p /kaniko/.docker
      - echo "{\"auths\":{\"hub.musk.fun\":{\"username\":\"$HUB_USERNAME\",\"password\":\"$HUB_PASSWORD\"}}}" > /kaniko/.docker/config.json
-      - echo ""
-      - echo "=== Building and pushing image ==="
      - cd flea/telegram-listener
      - /kaniko/executor
-        --dockerfile=src/Nocr.TelegramListener.Host/Dockerfile
        --context=.
+        --dockerfile=src/Nocr.TelegramListener.Host/Dockerfile
        --destination=hub.musk.fun/k8s/nocr/telegram_listener:${DRONE_COMMIT_SHA:0:7}
        --destination=hub.musk.fun/k8s/nocr/telegram_listener:latest
-        --no-cache
+        --cache=true
+        --cache-repo=hub.musk.fun/k8s/cache/nocr-telegram-listener
        --verbosity=info
-      - echo "=== Done ==="
    depends_on:
-    - debug-dotnet-restore
+      - prepare-dotnet

-  - name: docker nocr text matcher build & push
-    image: plugins/docker
-    settings:
-      registry: hub.musk.fun
-      repo: hub.musk.fun/k8s/nocr/text_matcher
-      tags: ["${DRONE_COMMIT_SHA:0:7}", "latest"]
-      context: ./flea/text-matcher
-      dockerfile: ./flea/text-matcher/src/Nocr.TextMatcher.Host/Dockerfile
-      username:
+  - name: build & push text-matcher
+    image: gcr.io/kaniko-project/executor:debug
+    environment:
+      HUB_USERNAME:
        from_secret: hub_username
-      password:
+      HUB_PASSWORD:
        from_secret: hub_password
+    commands:
+      - mkdir -p /kaniko/.docker
+      - echo "{\"auths\":{\"hub.musk.fun\":{\"username\":\"$HUB_USERNAME\",\"password\":\"$HUB_PASSWORD\"}}}" > /kaniko/.docker/config.json
+      - cd flea/text-matcher
+      - /kaniko/executor
+        --context=.
+        --dockerfile=src/Nocr.TextMatcher.Host/Dockerfile
+        --destination=hub.musk.fun/k8s/nocr/text_matcher:${DRONE_COMMIT_SHA:0:7}
+        --destination=hub.musk.fun/k8s/nocr/text_matcher:latest
+        --cache=true
+        --cache-repo=hub.musk.fun/k8s/cache/nocr-text-matcher
+        --verbosity=info
    depends_on:
-    - docker nocr telegram listener build & push
+      - build & push telegram-listener

-  - name: docker nocr users build & push
-    image: plugins/docker
-    settings:
-      registry: hub.musk.fun
-      repo: hub.musk.fun/k8s/nocr/users
-      tags: ["${DRONE_COMMIT_SHA:0:7}", "latest"]
-      context: ./flea/users
-      dockerfile: ./flea/users/src/Nocr.Users.Host/Dockerfile
-      username:
+  - name: build & push users
+    image: gcr.io/kaniko-project/executor:debug
+    environment:
+      HUB_USERNAME:
        from_secret: hub_username
-      password:
+      HUB_PASSWORD:
        from_secret: hub_password
+    commands:
+      - mkdir -p /kaniko/.docker
+      - echo "{\"auths\":{\"hub.musk.fun\":{\"username\":\"$HUB_USERNAME\",\"password\":\"$HUB_PASSWORD\"}}}" > /kaniko/.docker/config.json
+      - cd flea/users
+      - /kaniko/executor
+        --context=.
+        --dockerfile=src/Nocr.Users.Host/Dockerfile
+        --destination=hub.musk.fun/k8s/nocr/users:${DRONE_COMMIT_SHA:0:7}
+        --destination=hub.musk.fun/k8s/nocr/users:latest
+        --cache=true
+        --cache-repo=hub.musk.fun/k8s/cache/nocr-users
+        --verbosity=info
    depends_on:
-    - docker nocr text matcher build & push
+      - build & push text-matcher

-  - name: docker nocr telegram client build & push
-    image: plugins/docker
-    settings:
-      registry: hub.musk.fun
-      repo: hub.musk.fun/k8s/nocr/telegram_client
-      tags: ["${DRONE_COMMIT_SHA:0:7}", "latest"]
-      context: ./flea/telegram-client
-      dockerfile: ./flea/telegram-client/src/Nocr.TelegramClient.Host/Dockerfile
-      username:
+  - name: build & push telegram-client
+    image: gcr.io/kaniko-project/executor:debug
+    environment:
+      HUB_USERNAME:
        from_secret: hub_username
-      password:
+      HUB_PASSWORD:
        from_secret: hub_password
+    commands:
+      - mkdir -p /kaniko/.docker
+      - echo "{\"auths\":{\"hub.musk.fun\":{\"username\":\"$HUB_USERNAME\",\"password\":\"$HUB_PASSWORD\"}}}" > /kaniko/.docker/config.json
+      - cd flea/telegram-client
+      - /kaniko/executor
+        --context=.
+        --dockerfile=src/Nocr.TelegramClient.Host/Dockerfile
+        --destination=hub.musk.fun/k8s/nocr/telegram_client:${DRONE_COMMIT_SHA:0:7}
+        --destination=hub.musk.fun/k8s/nocr/telegram_client:latest
+        --cache=true
+        --cache-repo=hub.musk.fun/k8s/cache/nocr-telegram-client
+        --verbosity=info
    depends_on:
-    - docker nocr users build & push
+      - build & push users

-  - name: docker nocr text matcher migrator build & push
-    image: plugins/docker
-    settings:
-      registry: hub.musk.fun
-      repo: hub.musk.fun/k8s/nocr/text_matcher_migrator
-      tags: ["${DRONE_COMMIT_SHA:0:7}", "latest"]
-      context: ./flea/text-matcher/
-      dockerfile: ./flea/text-matcher/src/Nocr.TextMatcher.Migrator/Dockerfile
-      username:
+  - name: build & push text-matcher migrator
+    image: gcr.io/kaniko-project/executor:debug
+    environment:
+      HUB_USERNAME:
        from_secret: hub_username
-      password:
+      HUB_PASSWORD:
        from_secret: hub_password
+    commands:
+      - mkdir -p /kaniko/.docker
+      - echo "{\"auths\":{\"hub.musk.fun\":{\"username\":\"$HUB_USERNAME\",\"password\":\"$HUB_PASSWORD\"}}}" > /kaniko/.docker/config.json
+      - cd flea/text-matcher
+      - /kaniko/executor
+        --context=.
+        --dockerfile=src/Nocr.TextMatcher.Migrator/Dockerfile
+        --destination=hub.musk.fun/k8s/nocr/text_matcher_migrator:${DRONE_COMMIT_SHA:0:7}
+        --destination=hub.musk.fun/k8s/nocr/text_matcher_migrator:latest
+        --cache=true
+        --cache-repo=hub.musk.fun/k8s/cache/nocr-text-matcher-migrator
+        --verbosity=info
    depends_on:
-    - docker nocr telegram client build & push
+      - build & push telegram-client

-  - name: docker nocr users migrator build & push
-    image: plugins/docker
-    settings:
-      registry: hub.musk.fun
-      repo: hub.musk.fun/k8s/nocr/users_migrator
-      tags: ["${DRONE_COMMIT_SHA:0:7}", "latest"]
-      context: ./flea/users/
-      dockerfile: ./flea/users/src/Nocr.Users.Migrator/Dockerfile
-      username:
+  - name: build & push users migrator
+    image: gcr.io/kaniko-project/executor:debug
+    environment:
+      HUB_USERNAME:
        from_secret: hub_username
-      password:
+      HUB_PASSWORD:
        from_secret: hub_password
+    commands:
+      - mkdir -p /kaniko/.docker
+      - echo "{\"auths\":{\"hub.musk.fun\":{\"username\":\"$HUB_USERNAME\",\"password\":\"$HUB_PASSWORD\"}}}" > /kaniko/.docker/config.json
+      - cd flea/users
+      - /kaniko/executor
+        --context=.
+        --dockerfile=src/Nocr.Users.Migrator/Dockerfile
+        --destination=hub.musk.fun/k8s/nocr/users_migrator:${DRONE_COMMIT_SHA:0:7}
+        --destination=hub.musk.fun/k8s/nocr/users_migrator:latest
+        --cache=true
+        --cache-repo=hub.musk.fun/k8s/cache/nocr-users-migrator
+        --verbosity=info
    depends_on:
-    - docker nocr text matcher migrator build & push
+      - build & push text-matcher migrator

-  - name: nocr telegram listener nuget package make & push
+  # 📦 NuGet publishing (оставляем .NET SDK)
+  - name: publish telegram-listener nuget
    image: mcr.microsoft.com/dotnet/sdk:8.0
    environment:
      VERSION: ${DRONE_TAG}
@ -196,9 +178,9 @@ steps:
      - dotnet pack ./flea/telegram-listener/Nocr.TelegramListener.sln -o ./flea/telegram-listener/bin
      - dotnet nuget push ./flea/telegram-listener/bin/*Contract*.nupkg --api-key $NUGETAPIKEY --source musk --skip-duplicate
    depends_on:
-    - docker nocr users migrator build & push
+      - build & push users migrator

-  - name: nocr text matcher nuget package make & push
+  - name: publish text-matcher nuget
    image: mcr.microsoft.com/dotnet/sdk:8.0
    environment:
      VERSION: ${DRONE_TAG}
@ -209,9 +191,9 @@ steps:
      - dotnet pack ./flea/text-matcher/Nocr.TextMatcher.sln -o ./flea/text-matcher/bin
      - dotnet nuget push ./flea/text-matcher/bin/*Contract*.nupkg --api-key $NUGETAPIKEY --source musk --skip-duplicate
    depends_on:
-    - nocr telegram listener nuget package make & push
+      - publish telegram-listener nuget

-  - name: nocr users nuget package make & push
+  - name: publish users nuget
    image: mcr.microsoft.com/dotnet/sdk:8.0
    environment:
      VERSION: ${DRONE_TAG}
@ -222,4 +204,4 @@ steps:
      - dotnet pack ./flea/users/Nocr.Users.sln -o ./flea/users/bin
      - dotnet nuget push ./flea/users/bin/*Contract*.nupkg --api-key $NUGETAPIKEY --source musk --skip-duplicate
    depends_on:
-    - nocr text matcher nuget package make & push
+      - publish text-matcher nuget